Sun Microsystems, Inc. Information for VU#800113
Multiple DNS implementations vulnerable to cache poisoning
- Vendor Information Help Date Notified: 05 May 2008
- Statement Date: 07 Jul 2008
- Date Updated: 31 Jul 2008
At the time of writing, Solaris 8, 9, and 10 with the latest patches
provide the following versions of BIND from the Internet Systems
Consortium, Inc. (ISC):
Solaris 8 BIND 8.2.4
Solaris 9 BIND 8.3.3
Solaris 10 BIND 9.3.4-P1
Thus Solaris 8, 9, and 10 are affected by the issue described in CERT
VU#800113. Sun has published Sun Alert 240048 for this issue which is
Full details including the contributing factors and possible workarounds
are in the above Sun Alert.
We are not aware of further vendor information regarding this vulnerability.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.